diff --git a/ctaocrypt/src/hc128.c b/ctaocrypt/src/hc128.c deleted file mode 100644 index 27b83c723..000000000 --- a/ctaocrypt/src/hc128.c +++ /dev/null 
@@ -1,399 +0,0 @@ -/* hc128.c - * - * Copyright (C) 2006-2014 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#ifdef HAVE_CONFIG_H - #include -#endif - -#include - -#ifdef HAVE_HC128 - -#include -#include -#include -#ifdef NO_INLINE - #include - #include -#else - #include -#endif - - -#ifdef BIG_ENDIAN_ORDER - #define LITTLE32(x) ByteReverseWord32(x) -#else - #define LITTLE32(x) (x) -#endif - - -/*h1 function*/ -#define h1(ctx, x, y) { \ - byte a,c; \ - a = (byte) (x); \ - c = (byte) ((x) >> 16); \ - y = (ctx->T[512+a])+(ctx->T[512+256+c]); \ -} - -/*h2 function*/ -#define h2(ctx, x, y) { \ - byte a,c; \ - a = (byte) (x); \ - c = (byte) ((x) >> 16); \ - y = (ctx->T[a])+(ctx->T[256+c]); \ -} - -/*one step of HC-128, update P and generate 32 bits keystream*/ -#define step_P(ctx,u,v,a,b,c,d,n){ \ - word32 tem0,tem1,tem2,tem3; \ - h1((ctx),(ctx->X[(d)]),tem3); \ - tem0 = rotrFixed((ctx->T[(v)]),23); \ - tem1 = rotrFixed((ctx->X[(c)]),10); \ - tem2 = rotrFixed((ctx->X[(b)]),8); \ - (ctx->T[(u)]) += tem2+(tem0 ^ tem1); \ - (ctx->X[(a)]) = (ctx->T[(u)]); \ - (n) = tem3 ^ (ctx->T[(u)]) ; \ -} - -/*one step of HC-128, update Q and generate 32 bits keystream*/ -#define step_Q(ctx,u,v,a,b,c,d,n){ \ - word32 tem0,tem1,tem2,tem3; \ - 
h2((ctx),(ctx->Y[(d)]),tem3); \ - tem0 = rotrFixed((ctx->T[(v)]),(32-23)); \ - tem1 = rotrFixed((ctx->Y[(c)]),(32-10)); \ - tem2 = rotrFixed((ctx->Y[(b)]),(32-8)); \ - (ctx->T[(u)]) += tem2 + (tem0 ^ tem1); \ - (ctx->Y[(a)]) = (ctx->T[(u)]); \ - (n) = tem3 ^ (ctx->T[(u)]) ; \ -} - -/*16 steps of HC-128, generate 512 bits keystream*/ -static void generate_keystream(HC128* ctx, word32* keystream) -{ - word32 cc,dd; - cc = ctx->counter1024 & 0x1ff; - dd = (cc+16)&0x1ff; - - if (ctx->counter1024 < 512) - { - ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff; - step_P(ctx, cc+0, cc+1, 0, 6, 13,4, keystream[0]); - step_P(ctx, cc+1, cc+2, 1, 7, 14,5, keystream[1]); - step_P(ctx, cc+2, cc+3, 2, 8, 15,6, keystream[2]); - step_P(ctx, cc+3, cc+4, 3, 9, 0, 7, keystream[3]); - step_P(ctx, cc+4, cc+5, 4, 10,1, 8, keystream[4]); - step_P(ctx, cc+5, cc+6, 5, 11,2, 9, keystream[5]); - step_P(ctx, cc+6, cc+7, 6, 12,3, 10,keystream[6]); - step_P(ctx, cc+7, cc+8, 7, 13,4, 11,keystream[7]); - step_P(ctx, cc+8, cc+9, 8, 14,5, 12,keystream[8]); - step_P(ctx, cc+9, cc+10,9, 15,6, 13,keystream[9]); - step_P(ctx, cc+10,cc+11,10,0, 7, 14,keystream[10]); - step_P(ctx, cc+11,cc+12,11,1, 8, 15,keystream[11]); - step_P(ctx, cc+12,cc+13,12,2, 9, 0, keystream[12]); - step_P(ctx, cc+13,cc+14,13,3, 10,1, keystream[13]); - step_P(ctx, cc+14,cc+15,14,4, 11,2, keystream[14]); - step_P(ctx, cc+15,dd+0, 15,5, 12,3, keystream[15]); - } - else - { - ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff; - step_Q(ctx, 512+cc+0, 512+cc+1, 0, 6, 13,4, keystream[0]); - step_Q(ctx, 512+cc+1, 512+cc+2, 1, 7, 14,5, keystream[1]); - step_Q(ctx, 512+cc+2, 512+cc+3, 2, 8, 15,6, keystream[2]); - step_Q(ctx, 512+cc+3, 512+cc+4, 3, 9, 0, 7, keystream[3]); - step_Q(ctx, 512+cc+4, 512+cc+5, 4, 10,1, 8, keystream[4]); - step_Q(ctx, 512+cc+5, 512+cc+6, 5, 11,2, 9, keystream[5]); - step_Q(ctx, 512+cc+6, 512+cc+7, 6, 12,3, 10,keystream[6]); - step_Q(ctx, 512+cc+7, 512+cc+8, 7, 13,4, 11,keystream[7]); - step_Q(ctx, 512+cc+8, 
512+cc+9, 8, 14,5, 12,keystream[8]); - step_Q(ctx, 512+cc+9, 512+cc+10,9, 15,6, 13,keystream[9]); - step_Q(ctx, 512+cc+10,512+cc+11,10,0, 7, 14,keystream[10]); - step_Q(ctx, 512+cc+11,512+cc+12,11,1, 8, 15,keystream[11]); - step_Q(ctx, 512+cc+12,512+cc+13,12,2, 9, 0, keystream[12]); - step_Q(ctx, 512+cc+13,512+cc+14,13,3, 10,1, keystream[13]); - step_Q(ctx, 512+cc+14,512+cc+15,14,4, 11,2, keystream[14]); - step_Q(ctx, 512+cc+15,512+dd+0, 15,5, 12,3, keystream[15]); - } -} - - -/* The following defines the initialization functions */ -#define f1(x) (rotrFixed((x),7) ^ rotrFixed((x),18) ^ ((x) >> 3)) -#define f2(x) (rotrFixed((x),17) ^ rotrFixed((x),19) ^ ((x) >> 10)) - -/*update table P*/ -#define update_P(ctx,u,v,a,b,c,d){ \ - word32 tem0,tem1,tem2,tem3; \ - tem0 = rotrFixed((ctx->T[(v)]),23); \ - tem1 = rotrFixed((ctx->X[(c)]),10); \ - tem2 = rotrFixed((ctx->X[(b)]),8); \ - h1((ctx),(ctx->X[(d)]),tem3); \ - (ctx->T[(u)]) = ((ctx->T[(u)]) + tem2+(tem0^tem1)) ^ tem3; \ - (ctx->X[(a)]) = (ctx->T[(u)]); \ -} - -/*update table Q*/ -#define update_Q(ctx,u,v,a,b,c,d){ \ - word32 tem0,tem1,tem2,tem3; \ - tem0 = rotrFixed((ctx->T[(v)]),(32-23)); \ - tem1 = rotrFixed((ctx->Y[(c)]),(32-10)); \ - tem2 = rotrFixed((ctx->Y[(b)]),(32-8)); \ - h2((ctx),(ctx->Y[(d)]),tem3); \ - (ctx->T[(u)]) = ((ctx->T[(u)]) + tem2+(tem0^tem1)) ^ tem3; \ - (ctx->Y[(a)]) = (ctx->T[(u)]); \ -} - -/*16 steps of HC-128, without generating keystream, */ -/*but use the outputs to update P and Q*/ -static void setup_update(HC128* ctx) /*each time 16 steps*/ -{ - word32 cc,dd; - cc = ctx->counter1024 & 0x1ff; - dd = (cc+16)&0x1ff; - - if (ctx->counter1024 < 512) - { - ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff; - update_P(ctx, cc+0, cc+1, 0, 6, 13, 4); - update_P(ctx, cc+1, cc+2, 1, 7, 14, 5); - update_P(ctx, cc+2, cc+3, 2, 8, 15, 6); - update_P(ctx, cc+3, cc+4, 3, 9, 0, 7); - update_P(ctx, cc+4, cc+5, 4, 10,1, 8); - update_P(ctx, cc+5, cc+6, 5, 11,2, 9); - update_P(ctx, cc+6, cc+7, 6, 12,3, 10); 
- update_P(ctx, cc+7, cc+8, 7, 13,4, 11); - update_P(ctx, cc+8, cc+9, 8, 14,5, 12); - update_P(ctx, cc+9, cc+10,9, 15,6, 13); - update_P(ctx, cc+10,cc+11,10,0, 7, 14); - update_P(ctx, cc+11,cc+12,11,1, 8, 15); - update_P(ctx, cc+12,cc+13,12,2, 9, 0); - update_P(ctx, cc+13,cc+14,13,3, 10, 1); - update_P(ctx, cc+14,cc+15,14,4, 11, 2); - update_P(ctx, cc+15,dd+0, 15,5, 12, 3); - } - else - { - ctx->counter1024 = (ctx->counter1024 + 16) & 0x3ff; - update_Q(ctx, 512+cc+0, 512+cc+1, 0, 6, 13, 4); - update_Q(ctx, 512+cc+1, 512+cc+2, 1, 7, 14, 5); - update_Q(ctx, 512+cc+2, 512+cc+3, 2, 8, 15, 6); - update_Q(ctx, 512+cc+3, 512+cc+4, 3, 9, 0, 7); - update_Q(ctx, 512+cc+4, 512+cc+5, 4, 10,1, 8); - update_Q(ctx, 512+cc+5, 512+cc+6, 5, 11,2, 9); - update_Q(ctx, 512+cc+6, 512+cc+7, 6, 12,3, 10); - update_Q(ctx, 512+cc+7, 512+cc+8, 7, 13,4, 11); - update_Q(ctx, 512+cc+8, 512+cc+9, 8, 14,5, 12); - update_Q(ctx, 512+cc+9, 512+cc+10,9, 15,6, 13); - update_Q(ctx, 512+cc+10,512+cc+11,10,0, 7, 14); - update_Q(ctx, 512+cc+11,512+cc+12,11,1, 8, 15); - update_Q(ctx, 512+cc+12,512+cc+13,12,2, 9, 0); - update_Q(ctx, 512+cc+13,512+cc+14,13,3, 10, 1); - update_Q(ctx, 512+cc+14,512+cc+15,14,4, 11, 2); - update_Q(ctx, 512+cc+15,512+dd+0, 15,5, 12, 3); - } -} - - -/* for the 128-bit key: key[0]...key[15] -* key[0] is the least significant byte of ctx->key[0] (K_0); -* key[3] is the most significant byte of ctx->key[0] (K_0); -* ... -* key[12] is the least significant byte of ctx->key[3] (K_3) -* key[15] is the most significant byte of ctx->key[3] (K_3) -* -* for the 128-bit iv: iv[0]...iv[15] -* iv[0] is the least significant byte of ctx->iv[0] (IV_0); -* iv[3] is the most significant byte of ctx->iv[0] (IV_0); -* ... 
-* iv[12] is the least significant byte of ctx->iv[3] (IV_3) -* iv[15] is the most significant byte of ctx->iv[3] (IV_3) -*/ - - - -static void Hc128_SetIV(HC128* ctx, const byte* inIv) -{ - word32 i; - word32 iv[4]; - - if (inIv) - XMEMCPY(iv, inIv, sizeof(iv)); - else - XMEMSET(iv, 0, sizeof(iv)); - - for (i = 0; i < (128 >> 5); i++) - ctx->iv[i] = LITTLE32(iv[i]); - - for (; i < 8; i++) ctx->iv[i] = ctx->iv[i-4]; - - /* expand the key and IV into the table T */ - /* (expand the key and IV into the table P and Q) */ - - for (i = 0; i < 8; i++) ctx->T[i] = ctx->key[i]; - for (i = 8; i < 16; i++) ctx->T[i] = ctx->iv[i-8]; - - for (i = 16; i < (256+16); i++) - ctx->T[i] = f2(ctx->T[i-2]) + ctx->T[i-7] + f1(ctx->T[i-15]) + - ctx->T[i-16]+i; - - for (i = 0; i < 16; i++) ctx->T[i] = ctx->T[256+i]; - - for (i = 16; i < 1024; i++) - ctx->T[i] = f2(ctx->T[i-2]) + ctx->T[i-7] + f1(ctx->T[i-15]) + - ctx->T[i-16]+256+i; - - /* initialize counter1024, X and Y */ - ctx->counter1024 = 0; - for (i = 0; i < 16; i++) ctx->X[i] = ctx->T[512-16+i]; - for (i = 0; i < 16; i++) ctx->Y[i] = ctx->T[512+512-16+i]; - - /* run the cipher 1024 steps before generating the output */ - for (i = 0; i < 64; i++) setup_update(ctx); -} - - -static INLINE int DoKey(HC128* ctx, const byte* key, const byte* iv) -{ - word32 i; - - /* Key size in bits 128 */ - for (i = 0; i < (128 >> 5); i++) - ctx->key[i] = LITTLE32(((word32*)key)[i]); - - for ( ; i < 8 ; i++) ctx->key[i] = ctx->key[i-4]; - - Hc128_SetIV(ctx, iv); - - return 0; -} - - -/* Key setup */ -int Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv) -{ -#ifdef XSTREAM_ALIGN - if ((cyassl_word)key % 4) { - int alignKey[4]; - - /* iv gets aligned in SetIV */ - CYASSL_MSG("Hc128SetKey unaligned key"); - - XMEMCPY(alignKey, key, sizeof(alignKey)); - - return DoKey(ctx, (const byte*)alignKey, iv); - } -#endif /* XSTREAM_ALIGN */ - - return DoKey(ctx, key, iv); -} - - - -/* The following defines the encryption of data stream */ -static INLINE 
int DoProcess(HC128* ctx, byte* output, const byte* input, - word32 msglen) -{ - word32 i, keystream[16]; - - for ( ; msglen >= 64; msglen -= 64, input += 64, output += 64) - { - generate_keystream(ctx, keystream); - - /* unroll loop */ - ((word32*)output)[0] = ((word32*)input)[0] ^ LITTLE32(keystream[0]); - ((word32*)output)[1] = ((word32*)input)[1] ^ LITTLE32(keystream[1]); - ((word32*)output)[2] = ((word32*)input)[2] ^ LITTLE32(keystream[2]); - ((word32*)output)[3] = ((word32*)input)[3] ^ LITTLE32(keystream[3]); - ((word32*)output)[4] = ((word32*)input)[4] ^ LITTLE32(keystream[4]); - ((word32*)output)[5] = ((word32*)input)[5] ^ LITTLE32(keystream[5]); - ((word32*)output)[6] = ((word32*)input)[6] ^ LITTLE32(keystream[6]); - ((word32*)output)[7] = ((word32*)input)[7] ^ LITTLE32(keystream[7]); - ((word32*)output)[8] = ((word32*)input)[8] ^ LITTLE32(keystream[8]); - ((word32*)output)[9] = ((word32*)input)[9] ^ LITTLE32(keystream[9]); - ((word32*)output)[10] = ((word32*)input)[10] ^ LITTLE32(keystream[10]); - ((word32*)output)[11] = ((word32*)input)[11] ^ LITTLE32(keystream[11]); - ((word32*)output)[12] = ((word32*)input)[12] ^ LITTLE32(keystream[12]); - ((word32*)output)[13] = ((word32*)input)[13] ^ LITTLE32(keystream[13]); - ((word32*)output)[14] = ((word32*)input)[14] ^ LITTLE32(keystream[14]); - ((word32*)output)[15] = ((word32*)input)[15] ^ LITTLE32(keystream[15]); - } - - if (msglen > 0) - { - XMEMSET(keystream, 0, sizeof(keystream)); /* hush the static analysis */ - generate_keystream(ctx, keystream); - -#ifdef BIG_ENDIAN_ORDER - { - word32 wordsLeft = msglen / sizeof(word32); - if (msglen % sizeof(word32)) wordsLeft++; - - ByteReverseWords(keystream, keystream, wordsLeft * sizeof(word32)); - } -#endif - - for (i = 0; i < msglen; i++) - output[i] = input[i] ^ ((byte*)keystream)[i]; - } - - return 0; -} - - -/* Encrypt/decrypt a message of any size */ -int Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen) -{ -#ifdef XSTREAM_ALIGN - if 
((cyassl_word)input % 4 || (cyassl_word)output % 4) { - #ifndef NO_CYASSL_ALLOC_ALIGN - byte* tmp; - CYASSL_MSG("Hc128Process unaligned"); - - tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER); - if (tmp == NULL) return MEMORY_E; - - XMEMCPY(tmp, input, msglen); - DoProcess(ctx, tmp, tmp, msglen); - XMEMCPY(output, tmp, msglen); - - XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); - - return 0; - #else - return BAD_ALIGN_E; - #endif - } -#endif /* XSTREAM_ALIGN */ - - return DoProcess(ctx, output, input, msglen); -} - - -#else /* HAVE_HC128 */ - - -#ifdef _MSC_VER - /* 4206 warning for blank file */ - #pragma warning(disable: 4206) -#endif - - -#endif /* HAVE_HC128 */ diff --git a/ctaocrypt/src/rabbit.c b/ctaocrypt/src/rabbit.c deleted file mode 100644 index d4188b89b..000000000 --- a/ctaocrypt/src/rabbit.c +++ /dev/null 
@@ -1,310 +0,0 @@ -/* rabbit.c - * - * Copyright (C) 2006-2014 wolfSSL Inc. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA - */ - -#ifdef HAVE_CONFIG_H - #include -#endif - -#include - -#ifndef NO_RABBIT - -#include -#include -#include -#ifdef NO_INLINE - #include -#else - #include -#endif - - -#ifdef BIG_ENDIAN_ORDER - #define LITTLE32(x) ByteReverseWord32(x) -#else - #define LITTLE32(x) (x) -#endif - -#define U32V(x) ((word32)(x) & 0xFFFFFFFFU) - - -/* Square a 32-bit unsigned integer to obtain the 64-bit result and return */ -/* the upper 32 bits XOR the lower 32 bits */ -static word32 RABBIT_g_func(word32 x) -{ - /* Temporary variables */ - word32 a, b, h, l; - - /* Construct high and low argument for squaring */ - a = x&0xFFFF; - b = x>>16; - - /* Calculate high and low result of squaring */ - h = (((U32V(a*a)>>17) + U32V(a*b))>>15) + b*b; - l = x*x; - - /* Return high XOR low */ - return U32V(h^l); -} - - -/* Calculate the next internal state */ -static void RABBIT_next_state(RabbitCtx* ctx) -{ - /* Temporary variables */ - word32 g[8], c_old[8], i; - - /* Save old counter values */ - for (i=0; i<8; i++) - c_old[i] = ctx->c[i]; - - /* Calculate new counter values */ - ctx->c[0] = U32V(ctx->c[0] + 0x4D34D34D + ctx->carry); - ctx->c[1] = U32V(ctx->c[1] + 
0xD34D34D3 + (ctx->c[0] < c_old[0])); - ctx->c[2] = U32V(ctx->c[2] + 0x34D34D34 + (ctx->c[1] < c_old[1])); - ctx->c[3] = U32V(ctx->c[3] + 0x4D34D34D + (ctx->c[2] < c_old[2])); - ctx->c[4] = U32V(ctx->c[4] + 0xD34D34D3 + (ctx->c[3] < c_old[3])); - ctx->c[5] = U32V(ctx->c[5] + 0x34D34D34 + (ctx->c[4] < c_old[4])); - ctx->c[6] = U32V(ctx->c[6] + 0x4D34D34D + (ctx->c[5] < c_old[5])); - ctx->c[7] = U32V(ctx->c[7] + 0xD34D34D3 + (ctx->c[6] < c_old[6])); - ctx->carry = (ctx->c[7] < c_old[7]); - - /* Calculate the g-values */ - for (i=0;i<8;i++) - g[i] = RABBIT_g_func(U32V(ctx->x[i] + ctx->c[i])); - - /* Calculate new state values */ - ctx->x[0] = U32V(g[0] + rotlFixed(g[7],16) + rotlFixed(g[6], 16)); - ctx->x[1] = U32V(g[1] + rotlFixed(g[0], 8) + g[7]); - ctx->x[2] = U32V(g[2] + rotlFixed(g[1],16) + rotlFixed(g[0], 16)); - ctx->x[3] = U32V(g[3] + rotlFixed(g[2], 8) + g[1]); - ctx->x[4] = U32V(g[4] + rotlFixed(g[3],16) + rotlFixed(g[2], 16)); - ctx->x[5] = U32V(g[5] + rotlFixed(g[4], 8) + g[3]); - ctx->x[6] = U32V(g[6] + rotlFixed(g[5],16) + rotlFixed(g[4], 16)); - ctx->x[7] = U32V(g[7] + rotlFixed(g[6], 8) + g[5]); -} - - -/* IV setup */ -static void RabbitSetIV(Rabbit* ctx, const byte* inIv) -{ - /* Temporary variables */ - word32 i0, i1, i2, i3, i; - word32 iv[2]; - - if (inIv) - XMEMCPY(iv, inIv, sizeof(iv)); - else - XMEMSET(iv, 0, sizeof(iv)); - - /* Generate four subvectors */ - i0 = LITTLE32(iv[0]); - i2 = LITTLE32(iv[1]); - i1 = (i0>>16) | (i2&0xFFFF0000); - i3 = (i2<<16) | (i0&0x0000FFFF); - - /* Modify counter values */ - ctx->workCtx.c[0] = ctx->masterCtx.c[0] ^ i0; - ctx->workCtx.c[1] = ctx->masterCtx.c[1] ^ i1; - ctx->workCtx.c[2] = ctx->masterCtx.c[2] ^ i2; - ctx->workCtx.c[3] = ctx->masterCtx.c[3] ^ i3; - ctx->workCtx.c[4] = ctx->masterCtx.c[4] ^ i0; - ctx->workCtx.c[5] = ctx->masterCtx.c[5] ^ i1; - ctx->workCtx.c[6] = ctx->masterCtx.c[6] ^ i2; - ctx->workCtx.c[7] = ctx->masterCtx.c[7] ^ i3; - - /* Copy state variables */ - for (i=0; i<8; i++) - 
ctx->workCtx.x[i] = ctx->masterCtx.x[i]; - ctx->workCtx.carry = ctx->masterCtx.carry; - - /* Iterate the system four times */ - for (i=0; i<4; i++) - RABBIT_next_state(&(ctx->workCtx)); -} - - -/* Key setup */ -static INLINE int DoKey(Rabbit* ctx, const byte* key, const byte* iv) -{ - /* Temporary variables */ - word32 k0, k1, k2, k3, i; - - /* Generate four subkeys */ - k0 = LITTLE32(*(word32*)(key+ 0)); - k1 = LITTLE32(*(word32*)(key+ 4)); - k2 = LITTLE32(*(word32*)(key+ 8)); - k3 = LITTLE32(*(word32*)(key+12)); - - /* Generate initial state variables */ - ctx->masterCtx.x[0] = k0; - ctx->masterCtx.x[2] = k1; - ctx->masterCtx.x[4] = k2; - ctx->masterCtx.x[6] = k3; - ctx->masterCtx.x[1] = U32V(k3<<16) | (k2>>16); - ctx->masterCtx.x[3] = U32V(k0<<16) | (k3>>16); - ctx->masterCtx.x[5] = U32V(k1<<16) | (k0>>16); - ctx->masterCtx.x[7] = U32V(k2<<16) | (k1>>16); - - /* Generate initial counter values */ - ctx->masterCtx.c[0] = rotlFixed(k2, 16); - ctx->masterCtx.c[2] = rotlFixed(k3, 16); - ctx->masterCtx.c[4] = rotlFixed(k0, 16); - ctx->masterCtx.c[6] = rotlFixed(k1, 16); - ctx->masterCtx.c[1] = (k0&0xFFFF0000) | (k1&0xFFFF); - ctx->masterCtx.c[3] = (k1&0xFFFF0000) | (k2&0xFFFF); - ctx->masterCtx.c[5] = (k2&0xFFFF0000) | (k3&0xFFFF); - ctx->masterCtx.c[7] = (k3&0xFFFF0000) | (k0&0xFFFF); - - /* Clear carry bit */ - ctx->masterCtx.carry = 0; - - /* Iterate the system four times */ - for (i=0; i<4; i++) - RABBIT_next_state(&(ctx->masterCtx)); - - /* Modify the counters */ - for (i=0; i<8; i++) - ctx->masterCtx.c[i] ^= ctx->masterCtx.x[(i+4)&0x7]; - - /* Copy master instance to work instance */ - for (i=0; i<8; i++) { - ctx->workCtx.x[i] = ctx->masterCtx.x[i]; - ctx->workCtx.c[i] = ctx->masterCtx.c[i]; - } - ctx->workCtx.carry = ctx->masterCtx.carry; - - RabbitSetIV(ctx, iv); - - return 0; -} - - -/* Key setup */ -int RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv) -{ -#ifdef XSTREAM_ALIGN - if ((cyassl_word)key % 4) { - int alignKey[4]; - - /* iv aligned in 
SetIV */ - CYASSL_MSG("RabbitSetKey unaligned key"); - - XMEMCPY(alignKey, key, sizeof(alignKey)); - - return DoKey(ctx, (const byte*)alignKey, iv); - } -#endif /* XSTREAM_ALIGN */ - - return DoKey(ctx, key, iv); -} - - -/* Encrypt/decrypt a message of any size */ -static INLINE int DoProcess(Rabbit* ctx, byte* output, const byte* input, - word32 msglen) -{ - /* Encrypt/decrypt all full blocks */ - while (msglen >= 16) { - /* Iterate the system */ - RABBIT_next_state(&(ctx->workCtx)); - - /* Encrypt/decrypt 16 bytes of data */ - *(word32*)(output+ 0) = *(word32*)(input+ 0) ^ - LITTLE32(ctx->workCtx.x[0] ^ (ctx->workCtx.x[5]>>16) ^ - U32V(ctx->workCtx.x[3]<<16)); - *(word32*)(output+ 4) = *(word32*)(input+ 4) ^ - LITTLE32(ctx->workCtx.x[2] ^ (ctx->workCtx.x[7]>>16) ^ - U32V(ctx->workCtx.x[5]<<16)); - *(word32*)(output+ 8) = *(word32*)(input+ 8) ^ - LITTLE32(ctx->workCtx.x[4] ^ (ctx->workCtx.x[1]>>16) ^ - U32V(ctx->workCtx.x[7]<<16)); - *(word32*)(output+12) = *(word32*)(input+12) ^ - LITTLE32(ctx->workCtx.x[6] ^ (ctx->workCtx.x[3]>>16) ^ - U32V(ctx->workCtx.x[1]<<16)); - - /* Increment pointers and decrement length */ - input += 16; - output += 16; - msglen -= 16; - } - - /* Encrypt/decrypt remaining data */ - if (msglen) { - - word32 i; - word32 tmp[4]; - byte* buffer = (byte*)tmp; - - XMEMSET(tmp, 0, sizeof(tmp)); /* help static analysis */ - - /* Iterate the system */ - RABBIT_next_state(&(ctx->workCtx)); - - /* Generate 16 bytes of pseudo-random data */ - tmp[0] = LITTLE32(ctx->workCtx.x[0] ^ - (ctx->workCtx.x[5]>>16) ^ U32V(ctx->workCtx.x[3]<<16)); - tmp[1] = LITTLE32(ctx->workCtx.x[2] ^ - (ctx->workCtx.x[7]>>16) ^ U32V(ctx->workCtx.x[5]<<16)); - tmp[2] = LITTLE32(ctx->workCtx.x[4] ^ - (ctx->workCtx.x[1]>>16) ^ U32V(ctx->workCtx.x[7]<<16)); - tmp[3] = LITTLE32(ctx->workCtx.x[6] ^ - (ctx->workCtx.x[3]>>16) ^ U32V(ctx->workCtx.x[1]<<16)); - - /* Encrypt/decrypt the data */ - for (i=0; i + #define AesSetKey wc_AesSetKey + #define AesSetIV wc_AesSetIV + #define 
AesCbcEncrypt wc_AesCbcEncrypt + #define AesCbcDecrypt wc_AesCbcDecrypt + #define AesCbcDecryptWithKey wc_AesCbcDecryptWithKey + + /* AES-CTR */ + #ifdef WOLFSSL_AES_COUNTER + #define AesCtrEncrypt wc_AesCtrEncrypt + #endif + /* AES-DIRECT */ + #if defined(WOLFSSL_AES_DIRECT) + #define AesEncryptDirect wc_AesEncryptDirect + #define AesDecryptDirect wc_AesDecryptDirect + #define AesSetKeyDirect wc_AesSetKeyDirect + #endif + #ifdef HAVE_AESGCM + #define AesGcmSetKey wc_AesGcmSetKey + #define AesGcmEncrypt wc_AesGcmEncrypt + #define AesGcmDecrypt wc_AesGcmDecrypt + #define GmacSetKey wc_GmacSetKey + #define GmacUpdate wc_GmacUpdate + #endif /* HAVE_AESGCM */ + #ifdef HAVE_AESCCM + #define AesCcmSetKey wc_AesCcmSetKey + #define AesCcmEncrypt wc_AesCcmEncrypt + #define AesCcmDecrypt wc_AesCcmDecrypt + #endif /* HAVE_AESCCM */ + + #ifdef HAVE_CAVIUM + #define AesInitCavium wc_AesInitCavium + #define AesFreeCavium wc_AesFreeCavium + #endif + #endif /* NO_AES */ + + #ifndef NO_RSA + #include + #define InitRsaKey wc_InitRsaKey + #define FreeRsaKey wc_FreeRsaKey + #define RsaPublicEncrypt wc_RsaPublicEncrypt + #define RsaPrivateDecryptInline wc_RsaPrivateDecryptInline + #define RsaPrivateDecrypt wc_RsaPrivateDecrypt + #define RsaSSL_Sign wc_RsaSSL_Sign + #define RsaSSL_VerifyInline wc_RsaSSL_VerifyInline + #define RsaSSL_Verify wc_RsaSSL_Verify + #define RsaEncryptSize wc_RsaEncryptSize + #define RsaPrivateKeyDecode wc_RsaPrivateKeyDecode + #define RsaPublicKeyDecode wc_RsaPublicKeyDecode + #define RsaPublicKeyDecodeRaw wc_RsaPublicKeyDecodeRaw + #define RsaFlattenPublicKey wc_RsaFlattenPublicKey + + #ifdef WOLFSSL_KEY_GEN + #define MakeRsaKey wc_MakeRsaKey + #define RsaKeyToDer wc_RsaKeyToDer + #endif + + #ifdef HAVE_CAVIUM + #define RsaInitCavium wc_RsaInitCavium + #define RsaFreeCavium wc_RsaFreeCavium + #endif + #endif /* NO_RSA */ + + #ifndef NO_HMAC + #include + #define HmacSetKey wc_HmacSetKey + #define HmacUpdate wc_HmacUpdate + #define HmacFinal wc_HmacFinal + 
#ifdef HAVE_CAVIUM + #define HmacInitCavium wc_HmacInitCavium + #define HmacFreeCavium wc_HmacFreeCavium + #endif + #define wolfSSL_GetHmacMaxSize wc_wolfSSL_GetHmacMaxSize + #ifdef HAVE_HKDF + #define HKDF wc_HKDF + #endif /* HAVE_HKDF */ + #endif /* NO_HMAC */ + + #ifndef NO_DES3 + #define Des_SetKey wc_Des_SetKey + #define Des_SetIV wc_Des_SetIV + #define Des_CbcEncrypt wc_Des_CbcEncrypt + #define Des_CbcDecrypt wc_Des_CbcDecrypt + #define Des_EcbEncrypt wc_Des_EcbEncrypt + #define Des_CbcDecryptWithKey wc_Des_CbcDecryptWithKey + #define Des3_SetKey wc_Des3_SetKey + #define Des3_SetIV wc_Des3_SetIV + #define Des3_CbcEncrypt wc_Des3_CbcEncrypt + #define Des3_CbcDecrypt wc_Des3_CbcDecrypt + #define Des3_CbcDecryptWithKey wc_Des3_CbcDecryptWithKey + #ifdef HAVE_CAVIUM + #define Des3_InitCavium wc_Des3_InitCavium + #define Des3_FreeCavium wc_Des3_FreeCavium + #endif + #endif /* NO_DES3 */ #endif /* HAVE_FIPS */ diff --git a/cyassl/ssl.h b/cyassl/ssl.h index 5aedb1f75..2963e9bc8 100644 --- a/cyassl/ssl.h +++ b/cyassl/ssl.h @@ -407,7 +407,9 @@ /* examples/client/client.h */ #define CYASSL_THREAD WOLFSSL_THREAD -#define CYASSL_DTLS WOLFSSL_DTLS +#ifdef WOLFSSL_DTLS + #define CYASSL_DTLS WOLFSSL_DTLS +#endif /* examples/client/client.c */ #define LIBCYASSL_VERSION_STRING LIBWOLFSSL_VERSION_STRING diff --git a/pre-commit.sh b/pre-commit.sh index 8214afdb0..d670919cf 100755 --- a/pre-commit.sh +++ b/pre-commit.sh @@ -13,8 +13,8 @@ echo "\n\nStashing any modified files not part of commit\n\n" git stash -q --keep-index # do the commit tests -#echo "\n\nRunning commit tests...\n\n" -#./commit-tests.sh +echo "\n\nRunning commit tests...\n\n" +./commit-tests.sh RESULT=$? # restore modified files not part of this commit diff --git a/src/include.am b/src/include.am index 2f6de0f36..557fe8960 100644 --- a/src/include.am +++ b/src/include.am 
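Review bot: The new `#ifdef WOLFSSL_DTLS` guard in cyassl/ssl.h only takes effect if WOLFSSL_DTLS is already defined when this header is preprocessed, and nothing in the hunk says where that definition is expected to come from. Before the change CYASSL_DTLS was defined in every build, so any legacy `#ifdef CYASSL_DTLS` test evaluated true whether or not DTLS was enabled. The guard corrects that, but a translation unit that pulls this header in ahead of the build settings would silently lose the mapping instead. A comment makes the dependency explicit, for example `/* map only when DTLS is enabled; WOLFSSL_DTLS must be defined before this header is included */`.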
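Review bot: `RESULT=$?` in pre-commit.sh depends on being the very next command after `./commit-tests.sh`, and nothing in the script marks that. While the two test lines were commented out, the same assignment was recording the exit status of `git stash -q --keep-index`, so the hook was not gating on the tests at all. Either fold the capture into one line, `./commit-tests.sh; RESULT=$?`, or add a comment such as `# RESULT must be read immediately after commit-tests.sh`. How RESULT is used after the stash is restored lies outside the hunk.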
@@ -182,8 +182,6 @@ endif endif if BUILD_HC128 -# temporarily removed needs revisited -#src_libwolfssl_la_SOURCES += ctaocrypt/src/hc128.c src_libwolfssl_la_SOURCES += wolfcrypt/src/hc128.c endif diff --git a/wolfcrypt/src/rabbit.c b/wolfcrypt/src/rabbit.c index 414c8b1f7..5ed3bbbe0 100644 --- a/wolfcrypt/src/rabbit.c +++ b/wolfcrypt/src/rabbit.c @@ -23,17 +23,17 @@ #include #endif -#include +#include #ifndef NO_RABBIT -#include -#include -#include +#include +#include +#include #ifdef NO_INLINE - #include + #include #else - #include + #include #endif @@ -104,7 +104,7 @@ static void RABBIT_next_state(RabbitCtx* ctx) /* IV setup */ -static void RabbitSetIV(Rabbit* ctx, const byte* inIv) +static void wc_RabbitSetIV(Rabbit* ctx, const byte* inIv) { /* Temporary variables */ word32 i0, i1, i2, i3, i; @@ -192,7 +192,7 @@ static INLINE int DoKey(Rabbit* ctx, const byte* key, const byte* iv) } ctx->workCtx.carry = ctx->masterCtx.carry; - RabbitSetIV(ctx, iv); + wc_RabbitSetIV(ctx, iv); return 0; } diff --git a/wolfssl/wolfcrypt/des3.h b/wolfssl/wolfcrypt/des3.h index 4608999bb..aa887c3f6 100644 --- a/wolfssl/wolfcrypt/des3.h +++ b/wolfssl/wolfcrypt/des3.h @@ -2,14 +2,14 @@ * * Copyright (C) 2006-2014 wolfSSL Inc. * - * This file is part of CyaSSL. + * This file is part of wolfSSL. (formerly known as CyaSSL) * - * CyaSSL is free software; you can redistribute it and/or modify + * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * - * CyaSSL is distributed in the hope that it will be useful, + * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. 
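Review bot: In wolfcrypt/src/rabbit.c the IV setup function is renamed to `wc_RabbitSetIV` but stays `static`, so it carries the public-API prefix while having internal linkage. The other `wc_` names visible in this diff (`wc_Des_SetKey`, `wc_Des_SetIV` in des3.h) are `WOLFSSL_API` exports, which makes the prefix read as a promise that the symbol is callable from outside. If it is meant to be public, drop `static` and declare it in rabbit.h; otherwise keep an unprefixed internal name, `static void RabbitSetIV(Rabbit* ctx, const byte* inIv)`. The call in DoKey in the next hunk changes with it. Both function bodies continue outside the hunks.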
@@ -28,13 +28,62 @@ #include +#ifdef HAVE_FIPS /* included for fips */ #include +#endif #ifdef __cplusplus extern "C" { #endif +#ifndef HAVE_FIPS +#define WOLFSSL_3DES_CAVIUM_MAGIC 0xBEEF0003 + +enum { + DES_ENC_TYPE = 2, /* cipher unique type */ + DES3_ENC_TYPE = 3, /* cipher unique type */ + DES_BLOCK_SIZE = 8, + DES_KS_SIZE = 32, + + DES_ENCRYPTION = 0, + DES_DECRYPTION = 1 +}; + +#define DES_IVLEN 8 +#define DES_KEYLEN 8 +#define DES3_IVLEN 8 +#define DES3_KEYLEN 24 + + +#ifdef STM32F2_CRYPTO +enum { + DES_CBC = 0, + DES_ECB = 1 +}; +#endif + + +/* DES encryption and decryption */ +typedef struct Des { + word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ + word32 key[DES_KS_SIZE]; +} Des; + + +/* DES3 encryption and decryption */ +typedef struct Des3 { + word32 key[3][DES_KS_SIZE]; + word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ +#endif +} Des3; +#endif /* HAVE_FIPS */ WOLFSSL_API int wc_Des_SetKey(Des* des, const byte* key, const byte* iv, int dir); WOLFSSL_API void wc_Des_SetIV(Des* des, const byte* iv); diff --git a/wolfssl/wolfcrypt/hmac.h b/wolfssl/wolfcrypt/hmac.h index 5476d2ce3..b37e3bcd3 100644 --- a/wolfssl/wolfcrypt/hmac.h +++ b/wolfssl/wolfcrypt/hmac.h 
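Review bot: The `Des` and `Des3` structs added to wolfssl/wolfcrypt/des3.h carry key material in their `key` arrays (presumably the expanded key schedule, given `DES_KS_SIZE`) and CBC chaining state in `reg`/`tmp`, but the header does not say who is responsible for clearing them. No cleanup function is visible in this hunk, so a comment on each struct would help callers, for example `/* holds key schedule and CBC state; zero the struct once the key is no longer needed */`. Separately, the closing `#endif /* HAVE_FIPS */` ends an `#ifndef` block and would read more accurately as `#endif /* !HAVE_FIPS */`.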
@@ -2,14 +2,14 @@ * * Copyright (C) 2006-2014 wolfSSL Inc. * - * This file is part of CyaSSL. + * This file is part of wolfSSL. (formerly known as CyaSSL) * - * CyaSSL is free software; you can redistribute it and/or modify + * wolfSSL is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * - * CyaSSL is distributed in the hope that it will be useful, + * wolfSSL is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. @@ -31,17 +31,17 @@ #include #endif -//#ifndef NO_SHA +#ifndef NO_SHA #include -//#endif +#endif -//#ifndef NO_SHA256 +#ifndef NO_SHA256 #include -//#endif +#endif -//#ifdef WOLFSSL_SHA512 +#ifdef WOLFSSL_SHA512 #include -//#endif +#endif #ifdef HAVE_BLAKE2 #include diff --git a/wolfssl/wolfcrypt/rabbit.h b/wolfssl/wolfcrypt/rabbit.h index 89582b5dd..247276bbf 100644 --- a/wolfssl/wolfcrypt/rabbit.h +++ b/wolfssl/wolfcrypt/rabbit.h @@ -43,7 +43,7 @@ typedef struct RabbitCtx { word32 c[8]; word32 carry; } RabbitCtx; - + /* Rabbit stream cipher */ typedef struct Rabbit {
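Review bot: The restored `#ifndef NO_SHA`, `#ifndef NO_SHA256` and `#ifdef WOLFSSL_SHA512` guards in wolfssl/wolfcrypt/hmac.h make the three hash includes conditional, so anything later in the header that names those hash types needs matching guards. That part of the file is outside the hunk and cannot be confirmed from here. If the HMAC state refers to one of those types unconditionally, a build with `NO_SHA` or `NO_SHA256` will stop compiling. Building once with each of the three options toggled would confirm that the guards are consistent.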